
Judi Lynn

(160,542 posts)
Wed Aug 20, 2014, 06:21 PM

'Machete' espionage campaign targets orgs in Venezuela, Ecuador

August 20, 2014
'Machete' espionage campaign targets orgs in Venezuela, Ecuador

An attack campaign, dubbed “Machete,” has primarily targeted Spanish speaking victims in Venezuela, Ecuador and Colombia, security firm Kaspersky revealed.

In a Wednesday blog post, researchers said they discovered the threat when a client found unknown malware on their machine after a trip. Kaspersky eventually found that the malware (detected as Trojan-Spy.Python.Ragua.) was being used to further cyber espionage attacks through keystroke logging, audio and screenshot capturing, file stealing and other surveillance capabilities.

The campaign, which dates back to 2010, was “renewed with an improved infrastructure in 2012,” Kaspersky revealed, and may still be active. The threat has been spread via drive-by download and spear phishing emails containing PowerPoint presentation attachments.

Attackers targeted high-profile organizations, such as intelligence services, government institutions and military in Venezuela, Ecuador, Colombia, Peru, Cuba, Spain and Russia (where an embassy for one of the named countries was targeted).

http://www.scmagazine.com/machete-espionage-campaign-targets-orgs-in-venezuela-ecuador/article/367252/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29

(Short article, no more at link.)


Peace Patriot

(24,010 posts)
1. The targets are intelligence services, gov't institutions and military in these countries.
Fri Aug 22, 2014, 02:43 AM

The title is a little misleading. I understood "orgs" (in the title) to mean NGOs, non-profits, human rights groups, community organizations, etc.--until I read the article to the end.

We need to know more about "Machete"--who's behind it, what their purposes are.

Thanks for posting!

Judi Lynn

(160,542 posts)
2. More: "Denounce espionage campaign against Latin America"
Sun Aug 24, 2014, 02:03 AM

Denounce espionage campaign against Latin America
August 19, 2014

A campaign of cyber espionage to encode military, diplomatic and governmental information has been underway in Latin America since 2010, and has exposed countries like Colombia, Ecuador and Venezuela, Russian investigators say.

“We cannot speculate on the origins, but we know that whoever is behind it speaks Spanish and is Latin American. Hundreds of gigabytes of classified information were stolen,” said the director in Latin America of the Russian firm Kaspersky Lab, Dmitry Bestuzhev, in Cartagena (northern Colombia).

In the campaign, called “Machete,” the Russians were able to find a package of Java software, folders, libraries for recording audio files, encrypted files and programming languages. The program also allowed a physical search for victims and the theft of information using a special USB.

Dmitry spoke about this controversial topic at the Summit of Security Analysts, “The hyper and its implications for privacy and security,” organized by the Russian firm in Cartagena.

Of all the people affected by the espionage, 46 percent are in Venezuela, 36 percent in Ecuador and 11 percent in Colombia, the Russian officer stressed.

“The attackers were not interested in money, but in highly classified military information, military deployment, payroll, radar, everything that has to do with the national security of a government,” said Dmitry.

http://lainfo.es/en/2014/08/19/denounce-espionage-campaign-against-latin-america/

~ ~ ~
Kaspersky Lab identifies a cyber-espionage campaign targeting Latin America
20 Aug 2014
Virus News

Kaspersky Lab announces the discovery of a new cyber-espionage campaign code-named ‘Machete’. This campaign has been targeting high profile victims, including government, military, law enforcement agencies and embassies for at least four years. The primary field of operation is Latin America: most of the victims appear to be located in Venezuela, Ecuador and Colombia; other affected countries include Russia, Peru, Cuba, and Spain. The objective of the attackers is to hijack sensitive information from the compromised organizations – so far this threat actor has managed to successfully steal gigabytes of confidential data.

“Despite the simplicity of the tools used in this campaign, the results show it was very effective. It looks like threat actors in Latin America are adopting techniques of APT campaigns seen around the world. We expect local cyber-espionage campaigns to reach increased levels of technological sophistication, and it is likely that new APT campaigns will be similar, from a technical point of view, to the top players worldwide. The best advice here is to think about security globally and stop thinking Latin American countries are free of those threats”, said Dmitry Bestuzhev, Head of Kaspersky Lab’s Global Research and Analysis Team, Latin America.

All indications are that the Machete started in 2010 and was updated with renewed infrastructure in 2012. The attackers used social engineering techniques to distribute the malware. In some cases, they used spear-phishing messages combined with web-based infections spread through specially-prepared fake blogs. At the moment, there are no indications of exploits using zero-day vulnerabilities. All the technical artifacts found in this campaign (like cyber-espionage tools and client side code) have rather low technical sophistication in comparison with other targeted campaigns. Despite this simplicity, Kaspersky Lab experts identified 778 victims around the globe.

Based on the evidence uncovered during Kaspersky Lab’s investigation, experts concluded that the attackers of the campaign appear to be Spanish speaking, and have roots somewhere in Latin America. Also, the targets were mostly Latin American countries. When targets outside of the region were found, there was sometimes a link to Latin America. For instance, in Russia the target appeared to be the embassy of one of the Latin American countries.

More:
http://www.kaspersky.com/about/news/virus/2014/Kaspersky-Lab-identifies-cyber-espionage-campaign-targeting-Latin-America
